1 Reply Latest reply on Jul 3, 2018 8:25 AM by William Ardanuy

    Linux - SAML service can't start

    Tristan Combret

      Hello,

       

      I'm new user of Tableau Server Linux and i have tried to configure SAML authentication but 'Tableau Server SAML Service 0' still stopped. Tableau server can't start properly.

       

      According to Configurer SAML à l'échelle du serveur pour Tableau Server sur Linux, i used tsm command line:

       

      tsm authentication saml configure --idp-entity-id xxx --idp-metadata /var/opt/tableau/tableau_server/data/saml/xxx.xml --idp-return-url https://xxx.com --cert-file /var/opt/tableau/tableau_server/data/samlxxx.crt --key-file /var/opt/tableau/tableau_server/data/saml/xxx.key 
      tsm authentication saml enable
      tsm pending-changes apply
      

       

       

      But tableau server do not restart as expected :

       

      [root@ip-172-31-8-98 centos]# tsm start -u tsmadmin
      Starting service...
      
      
      Unable to determine if all components of the service started properly.
      
      node1: localhost
              Status: DEGRADED
              'Tableau Server Gateway 0' is running.
              'Tableau Server Application Server 0' status is unavailable.
              'Tableau Server VizQL Server 0' is running.
              'Tableau Server Cache Server 0' is running.
              'Tableau Server Coordination Service 0' is running.
              'Tableau Server Cluster Controller 0' is running.
              'Tableau Server Search And Browse 0' is running.
              'Tableau Server Backgrounder 0' is running.
              'Tableau Server Data Server 0' is running.
              'Tableau Server Data Engine 0' is running.
              'Tableau Server File Store 0' is running.
              'Tableau Server Repository 0' is running (Active Repository).
              'Tableau Server Administration Agent 0' is running.
              'Tableau Server Administration Controller 0' is running.
              'Tableau Server Service Manager 0' is running.
              'Tableau Server License Manager 0' is running.
              'Tableau Server Database Maintenance 0' is stopped.
              'Tableau Server Backup/Restore 0' is stopped.
              'Tableau Server Site Import/Export 0' is stopped.
              'Tableau Server SAML Service 0' is stopped.
      See '/root/.tableau/tsm/tsm.log' for more information.
      


      End of file /root/.tableau/tsm/tsm.log:

       

      2018-02-06 16:32:06 main : DEBUG com.tableausoftware.tabadmin.ServerApi - Client request: GET https://ip-172-31-8-98.eu-west-1.compute.internal:8850/api/0.5/asyncJobs/43
      2018-02-06 16:32:06 main : INFO  com.tableausoftware.tabadmin.async.AsyncJobDelegate - Retrieved async job status Running. Id=43, progress=50
      2018-02-06 16:32:07 main : DEBUG com.tableausoftware.tabadmin.ServerApi - Client request: GET https://ip-172-31-8-98.eu-west-1.compute.internal:8850/api/0.5/asyncJobs/43
      2018-02-06 16:32:07 main : INFO  com.tableausoftware.tabadmin.async.AsyncJobDelegate - Retrieved async job status Running. Id=43, progress=50
      2018-02-06 16:32:08 main : DEBUG com.tableausoftware.tabadmin.ServerApi - Client request: GET https://ip-172-31-8-98.eu-west-1.compute.internal:8850/api/0.5/asyncJobs/43
      2018-02-06 16:32:08 main : INFO  com.tableausoftware.tabadmin.async.AsyncJobDelegate - Retrieved async job status Running. Id=43, progress=50
      2018-02-06 16:32:09 main : DEBUG com.tableausoftware.tabadmin.ServerApi - Client request: GET https://ip-172-31-8-98.eu-west-1.compute.internal:8850/api/0.5/asyncJobs/43
      2018-02-06 16:32:09 main : INFO  com.tableausoftware.tabadmin.async.AsyncJobDelegate - Retrieved async job status Running. Id=43, progress=50
      2018-02-06 16:32:10 main : DEBUG com.tableausoftware.tabadmin.ServerApi - Client request: GET https://ip-172-31-8-98.eu-west-1.compute.internal:8850/api/0.5/asyncJobs/43
      2018-02-06 16:32:10 main : INFO  com.tableausoftware.tabadmin.async.AsyncJobDelegate - Retrieved async job status Failed. Id=43, progress=100
      2018-02-06 16:32:10 main : ERROR com.tableausoftware.tabadmin.async.AsyncJobDelegate - Asynchronous job 43 completed but wasn't successful.
      2018-02-06 16:32:10 main : ERROR com.tableausoftware.tabadmin.Tabadmin - Unable to determine if all components of the service started properly.
      2018-02-06 16:32:10 main : DEBUG com.tableausoftware.tabadmin.ServerApi - Client request: GET https://ip-172-31-8-98.eu-west-1.compute.internal:8850/api/0.5/status
      2018-02-06 16:32:10 main : DEBUG com.tableausoftware.tabadmin.ServerApi - Client request: GET https://ip-172-31-8-98.eu-west-1.compute.internal:8850/api/0.5/nodes/node1
      2018-02-06 16:32:10 main : DEBUG com.tableausoftware.tabadmin.ServerApi - Received response from https://generichostname:8850/api/0.5/nodes/node1
      

       

      The SAML service does not seem to have started (listen on port 8855):

      /var/opt/tableau/tableau_server/data/tabsvc/logs/samlservice/control-samlservice-0.log

       

      2018-02-06 16:49:36.921 +0100 main : DEBUG com.tableausoftware.samlservice.SamlServiceApp - Service directory is /var/opt/tableau/tableau_server/data/tabsvc/services/samlservice_0.10500.18.0109.1050
      2018-02-06 16:49:36.933 +0100 main : DEBUG com.tableausoftware.tabadmin.service.BaseTableauServiceCommands - Querying status for samlservice_0
      2018-02-06 16:49:37.609 +0100 main : ERROR com.tableausoftware.service.status.ServiceStatusClientBase - IOException connecting to HTTP server at http://localhost:8855/public/idp/metadata
      org.apache.http.conn.HttpHostConnectException: Connect to localhost:8855 [localhost/127.0.0.1, localhost/0:0:0:0:0:0:0:1] failed: Connection refused (Connection refused)
        at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:158)
        at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:353)
        at org.apache.http.impl.execchain.MinimalClientExec.execute(MinimalClientExec.java:183)
        at org.apache.http.impl.client.MinimalHttpClient.doExecute(MinimalHttpClient.java:107)
        at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
        at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:107)
        at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:55)
        at com.tableausoftware.tabadmin.status.HttpStatusMonitor.getStatus(HttpStatusMonitor.java:90)
        at com.tableausoftware.samlservice.SamlServiceApp$2.queryStatus(SamlServiceApp.java:120)
        at com.tableausoftware.tabadmin.service.BaseTableauServiceCommands.status(BaseTableauServiceCommands.java:86)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at com.tableausoftware.commandline.SwitchCommand$1.run(SwitchCommand.java:193)
        at com.tableausoftware.commandline.SimpleCommand.execute(SimpleCommand.java:47)
        at com.tableausoftware.commandline.SwitchCommand.execute(SwitchCommand.java:148)
        at com.tableausoftware.service.control.ControlServiceApp.execute(ControlServiceApp.java:177)
        at com.tableausoftware.service.control.ControlServiceApp.executeCommandWithApp(ControlServiceApp.java:163)
        at com.tableausoftware.samlservice.SamlServiceApp.main(SamlServiceApp.java:67)
      Caused by: java.net.ConnectException: Connection refused (Connection refused)
        at java.net.PlainSocketImpl.socketConnect(Native Method)
        at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350)
        at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206)
        at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188)
        at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
        at java.net.Socket.connect(Socket.java:589)
        at org.apache.http.conn.socket.PlainConnectionSocketFactory.connectSocket(PlainConnectionSocketFactory.java:74)
        at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:141)
        ... 19 more
      2018-02-06 16:49:37.614 +0100 main : DEBUG com.tableausoftware.tabadmin.service.BaseTableauServiceCommands - Received status from samlservice_0: DOWN
      2018-02-06 16:49:37.614 +0100 main : DEBUG com.tableausoftware.tabadmin.service.BaseTableauServiceCommands - Detail was set on status with code null and message Connect to localhost:8855 [localhost/127.0.0.1, localhost/0:0:0:0:0:0:0:1] failed: Connection refused (Connection refused)
      


      Thanks for your help, I have no more ideas !

       

      Tristan

        • 1. Re: Linux - SAML service can't start
          William Ardanuy

          I had a similar issue, here's what I did to resolve the problem:

           

          Looking in the vizportal logs (located at /var/opt/tableau/tableau_server/data/tabsvc/logs/vizportal/vizportal_node1-0.log), I wasable to find more details on the actual error. In my case, there was an error with our SAML private key:

          nested exception is org.bouncycastle.openssl.PasswordException: Expected private key stored in /apps/tableau/tableau_server/data/saml/vdeitableausaml.key to be a PEMKeyPair (unencrypted PEM), but got PrivateKeyInfo instead

           

          I then rebuilt the private key in RSA format, and SAML now starts properly.